Vulnerability Details CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.349
EPSS Ranking 96.8%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-40989
-
cpe:2.3:a:jeecg:jeecg_boot:3.0
-
cpe:2.3:a:jeecg:jeecg_boot:3.5.3